A U.S. Government Accountability Office (GAO) report released this week shows that the Department of Homeland Security (DHS) and its component agencies — particularly the Coast Guard and Customs and Border Protection (CBP) — have made substantial progress in three key areas of port security since the September 11, 2001 terrorist attacks (9/11), but some challenges remain. The federal audit report is based on work GAO has previously conducted regarding DHS port security programs from September 2003 to September 2013 with selected updates conducted through May 2014.

The GAO told lawmakers that “DHS agencies, especially CBP, have taken steps to enhance the security of the global supply chain—particularly for cargo bound for the United States,” and that “efforts have focused on assessing and mitigating cargo risk before it enters US ports by better targeting and scanning cargo, and establishing security partnerships with the foreign countries and companies that ship cargo to the United States.”

However, in multiple reports since 2005, GAO said it “found that DHS programs focused on protecting the global supply chain have been implemented with varying degrees of success and that many would benefit from the DHS agencies conducting further assessments of the programs, among other things.”

Some of key programs addressed in the report include the following:

Cargo screening and the Automated Targeting System: As part of its efforts to target high-risk maritime cargo containers for inspection, CBP screens containers in advance of their arrival in the United States. To enhance the screening of these containers, DHS developed the Automated Targeting System (ATS) – a computerized system that assesses information on each U.S.-bound cargo shipment and assigns it a risk score. CBP officers then use this risk score, along with other information, such as the shipment’s contents, to determine which shipments to physically examine. In September 2010, we reported that CBP had made progress in implementing ATS and enhancing it through the use of additional data. However in 2012, we also found that more regular assessments of ATS were needed to enhance its targeting of maritime cargo conainers and better position CBP to provide reasonable assurance of the effectiveness of ATS. We therefore recommended that the Commissioner of CBP (1) ensure future updates to the rules that identify risks are based on results of assessments that demonstrate the effectiveness of such updates; and (2) establish targets for CBP’s performance measures and use those measures to assess the effectiveness of ATS on a regular basis to better determine when updates to the rules that identify risks are needed. CBP concurred with the recommendations and in May 2014 provided milestones for implementing the recommendations by June 2015.

CSI program overseas: CBP has also developed the Container Security Initiative (CSI) program, which places CBP officials at selected foreign ports to use intelligence and risk assessment information to work with host country officials to determine whether U.S.-bound cargo container shipments from those ports are at risk of containing WMDs or other terrorist contraband. CBP’s selection of the initial 23 CSI ports in 2002 was primarily based on the volume of U.S.-bound containers, but beginning in 2003, CBP considered more threat information when it expanded the number of CSI ports. In September 2013, we reported that CBP had not assessed the risk posed by foreign ports that ship cargo to the United States since 2005 and recommended that DHS direct CBP to periodically assess the risks from all foreign ports that ship cargo to the United States and use the results of these risk assessments to inform any future adjustments to CSI locations. DHS concurred and reported that, by December 2014, it plans to develop a process for conducting such periodic risk assessments. In addition, in a May 2014 letter to Congress, the Secretary of Homeland Security reported that DHS will work to increase the percentage of containers scanned abroad and will engage other countries to discuss the potential expansion of CSI to additional ports that ship high-risk cargo to the United States.

Secure Freight Initiative: The Secure Freight Initiative (SFI) established pilot projects to test the feasibility of scanning 100 percent of U.S.-boundcontainers at foreign ports to address concerns that terrorists would smuggle WMDs inside cargo containers bound for the United States. [...] The SAFE Port Act, as amended in 2007 by the Implementing Recommendations of the 9/11 Commission Act, directed DHS to implement 100 percent scanning of U.S.-bound maritime cargo container shipments by July 2012, but authorized DHS to extend the deadline for 2 years and renew such extension in additional 2-year increments if at least two of six statutory conditions existed. The former DHS Secretary exercised this authority and formally notified Congress by letter dated May 2, 2012 that she had extended the deadline until July 1, 2014. In a letter to Members of Congress, in May 2014, the Secretary of Homeland Security stated that the conditions and supporting evidence cited in the 2012 deadline extension — negative effects on trade capacity and the flow of cargo and characteristics of foreign ports that prevent the installation of scanning systems — continue to prevail and preclude full-scale implementation.

GAO pointed out that “ports, waterways and vessels handle billions of dollars in cargo annually, and an attack on our nation’s maritime transportation system could have dire consequences. Ports are inherently vulnerable to terrorist attacks because of their size, general proximity to metropolitan areas, the volume of cargo being processed, and their link to the global supply chain—that is, the flow of goods from manufacturers to retailers. Balancing security concerns with facilitation of the free flow of people and commerce remains an ongoing challenge for federal, state, local and private stakeholders operating in ports.”

In prior audit reports, GAO made recommendations to DHS to strengthen various port security programs. Overall, DHS generally concurred with the recommendations and has taken actions, or has actions under way, to address most of them, GAO said.